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PRELTMTNARY AMENDMENT 

Assistant Commissioner for Patents 
Washington, D.C. 20231 

Sir: 

Prior to examination and the calculation of filing fees, kmdly amend the above- 
identified application as follows: 



IN THE SPECIFICATION: 

Page 1, immediately following the title appearing on lines 1 and 2, insert the 
following: 

-This disclosure is based upon, and claims priority from French Application No. 
99/02834, filed on March 8, 1999 and International Application No. PCT/FROO/00283 , 
filed February 7, 2000, which was published on September 14, 2000 in a language other 
than English, the contents of which are mcorporated herein by reference. 
Background of the Invention — 
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Page 8, between lines 15 and 16, insert the following heading: 
— Summary of the Invention — 

Page 12, before line 8, insert the following heading: 
- Brief Description of the Drawings - . 

Page 13, before line 7, insert the following heading: 
-Detailed Description- 

Add the following Abstract: 

-An electronic component uses a secret key cryptographic algorithm that employs 
several successive computing cycles to supply final output data from initial input data 
applied at the first cycle. A first random value is applied to a computation conducted for 
each cycle, to obtain unpredictable output data. A second random value as also applied to 
the initial input data that is used for the input of the first cycle. - 

IN THE CLAIMS: 

Kindly replace claims 1-7, as follows. 

1. (Amended) A countermeasure method against attacks by differential analysis 
in an electronic component implementing a secret key cryptographic algorithm, the 
implementation of which comprises a number of successive calculation cycles in order to 
supply, from first input data applied to the first cycle, final data at the output of the last 



Application No. Unassigned 
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cycle to produce an encrypted message, each calculation cycle using calculation means for 
supplying an output data item from an input data item, said calculation means performing 
the steps of: 

applying a first random value to the input data item and to the output data item in 
order to obtain an unpredictable data item as an output, and 

applying a second random value to said first input data by means of an 
EXCLUSIVE OR operation. 

2. (Amended) A countermeasure method according to Claim 1, further 
including the step of applying the second random value to the final data supplied by the last 
cycle by means of an EXCLUSIVE OR operation. 

3 . (Amended) A countermeasure method according to claim 1 further includmg 
the step, at the end of each cycle, of executing an additional operation to eliminate said first 
random value at the output of each cycle. 

4. (Amended) A countermeasure method according to claim 1 wherein a new 
set of first and second random values is selected for each new execution of the algorithm. 

5. (Amended) A method according to Claim 4, wherein said calculation means 
are calculated from first calculation means defining, for input data, corresponding output 
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data, by applying the second random value to said input data and applying the first random 
value at least to said output data of the first calculation means. 

6. (Amended) A countermeasure method according to Claim 5, wherein the 
calculation means comprise constants tables. 

7. (Amended) An electronic security component that unplements a 
countermeasure method for attacks against a secret key cryptographic algorithm by means 
of differential analysis, wherein said algorithm comprises a number of successive 
calculation cycles in order to supply, from first input data applied to the first cycle, final 
data at the output of the last cycle to produce an encrypted message, each calculation cycle 
using calculation means for supplying an output data item from an input data item, said 
calculation means comprising the application of a first random value to the input data item 
and to the output data item to obtam an unpredictable output data item, comprising first 
calculation means fixed in a program memory, second calculation means that are calculated 
at each new execution of the algorithm and stored in working memory, and means for 
generating first and second random values for calculating said second calculation means. 
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REMARKS 

Entry of the foregoing amendment is respectfully requested. This amendment is 
intended to place the claims in a more conventional format and eliminate the multiple 
dependency of the claims. 

Respectfully submitted, 



Burns, Doane, Swecker & Mathis, l.l.p. 




James A. LaBarre 
Registration No. 28,632 



P.O. Box 1404 

Alexandria, Virginia 22313-1404 
(703) 836-6620 



Date: September 10, 2001 
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Attachment to Preliminary Amendment dated September 10, 2001 
Marked-up Claims 1-7 

1 . (Amended) A countermeasure method against attacks by differential analysis 
in an electronic component implementing a secret key [(K)] cryptographic algorithm, the 
implementation of which comprises a number of successive calculation cycles [(Tl, ... 
T16)] in order to supply, from first input data [(LO, RO)] applied to the first cycle [(Tl)], 
final data [(L16, R16)] at the output of the last cycle [(T16) allowmg the production of] to 
produce an encrypted message [(C)] , each calculation cycle using calculation means [(TC)] 
for supplying an output data item [(S)] from an input data item [(E)] , said calculation means 
[comprising the application of] performing the steps of: 

applying a first random value [(u)] to the input data item [(E)] and to the output data 
item [(S)] in order to obtain [at the output] an unpredictable data item [(S®u), characterised 
in that the method comprises the use of means ofl as an output, and 

applying a second random value [(v)] to said first input data [(LO, RO), according to] 
by means of an EXCLUSIVE OR operation. 

2. (Amended) A countermeasure method according to Claim 1, [characterised 
in that it also comprises the use of means] further including the step of applying the second 
random value [(v)] to the final data supplied by the last cycle [(T16), according to] by 
means of an EXCLUSIVE OR operation. 
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Attachment to Preliminary Amendment dated September 10, 2001 
Marked-up Claims 1-7 

3. (Amended) A countermeasure method according to [either one of the 
previous claims, characterised in that it comprises] claim 1 further includi ng the step, at the 
end of each cycle, [the execution] of executing an additional operation [(CP(p(u))) in order] 
to elinunate said fust random value [(u)] at the output of each cycle. 

4. (Amended) A countermeasure method according to [any one of the previous 
claims, characterised m that it comprises the taking of] claim 1 wherein a new set of first 
and second random values [(u, v) and calculation of the calculation means (TCm) used in 
each cycle] is selected for each new execution of the algorithm. 

5. (Amended) A method according to Claun 4, [characterised in that] wherein 
said calculation means [(TCm)] are calculated from first calculation means [(TC^)] defining, 
for input data [(E)], corresponding output data [(S)], by applying the second random value 
[(v)] to said input data [(E©e(v))] and applying the first random value [(u)] at least to said 
output data [(S©u)] of the fiurst calculation means. 

6. (Amended) A countermeasure method according to Claim 5, [characterised 
in that] wherein the calculation means [(TCq, TC^) are] comprise constants tables. 
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Attachment to Preliminary Amendment dated September 10, 2001 
Marked-up Claims 1-7 

7. (Amended) An electronic security component [implementing the] that 
implements a countermeasure method [against attacks by differential analysis comprising] 
for attacks against a secret key [(K)] cryptographic algorithm[, the implementation of 
which] by means of differential analysis, wherein said algorithm comprises a number of 
successive calculation cycles [(Tl, ... T16)] m order to supply, from first input data [(LO, 
RO)] applied to the first cycle [(Tl)], final data [(L16, R16)] at the output of the last cycle 
[(T16) allowing the production of] to produce an encrypted message [(C)], each calculation 
cycle usmg calculation means [(TC)] for supplying an output data item [(S)] from an input 
data item [(E)], said calculation means comprising the application of a first random value 
[(u)] to the input data item [(E)] and to the output data item [(S) in order] to obtain [at the 
output] an unpredictable output data item [(Seu), characterised in that] , comprising first 
calculation means [(TCq) are] fixed in a program memory [(1) of said component], second 
calculation means [(TC^) used in each cycle being] that are calculated at each new 
execution of the algorithm and stored in working memory [(3)], and [m that it comprises] 
means [(4) of] for generating first and second random values [(u, v)] for calculating said 
second calculation means [(TC^)] . 
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COUNTERMEASURE METriOD IN AN ELECTRONIC COMPONE.NT 
IMPLEMENTING A SECRET KEY CRYPTOGRAPHIC ALGORITHM 

The present invention relates to a countermeasure 
method in an electronic component implementing a secret 



applications where the access to services or data is 
strictly controlled. They have an architecture formed 
around a microprocessor and memories, one of which is a 
program memory which contains the secret key. 

These components are notably used in smart cards, 
for certain applications thereof. These are for 
example applications for accessing certain data banks, 
banking applications, or remote payment applications, 
for example for television, petrol dispensing or 
passing through motorway tolls. 

These components or these cards therefore 
implement a secret key cryptographic algorithm, the 
best known of which is the DES (Data Encryption 
Standard) algorithm. Other secret key algorithms 
exist, such as the RC5 algorithm or the COMP128 
algorithm. This list is of course not exhaustive. 

Briefly and in general terms, the function of 
these algorithms is to calculate an encrypted message 
from a message applied at the input (to the card) by a 
host system (server, cash dispenser, etc.) and the 
secret key contained in the card, and to supply in 
return to the host system this encrypted message, which 
allows for example the host system to authenticate the 
component or the card, to exchange data, etc. 



key cryptographic algorithm. 



They are used in 
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However, it has turned out that these components 
or these cards are vulnerable to attacks consisting of 
a differential current consumption analysis and which 
allow ill-intentioned third parties to find the secret 
key. These attacks are referred to as DPA 

(Differential Power Analysis) attacks. 

The principle of these DPA attacks is based on 
the fact that the current consumption of a 
microprocessor executing instructions varies according 
to the data manipulated. 

Notably, an instruction of a microprocessor 
manipulating a data bit generates two different current 
profiles depending on whether this bit has the value 
"1" or "O". Typically, if the instruction is 

manipulating a "0", there is at that execution instant 
a first consumed current amplitude, and if the 
instruction is manipulating a ^^1", there is a second 
consumed current amplitude, different from the first. 

The characteristics of cryptographic algorithms 
are known: the calculations performed and parameters 
used. The sole unknown is the secret key contained in 
program memory. This cannot be deduced from the sole 
knowledge of the message applied at the input and the 
encrypted message supplied in return. 

However, in a cryptographic algorithm, certain 
calculated data depend solely on the message applied in 
clear at the input of the card and the secret key 
contained in the card. Other data calculated in the 
algorithm can also be recalculated solely from the 
encrypted message (generally supplied in clear at the 
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output of the card to the host system) and the secret 
key contained in the card. More precisely^ each bit of 
these particular data items can be determined from the 
input or output message, and from a limited number of 
particular bits of the key. 

Thus, each bit of a particular data item has 
corresponding thereto a sub-key formed by a particular 
group of bits of the key. 

The bits of these particular data items which can 
be predicted are referred to in the remainder of the 
document as target bits. 

The basic idea of the DPA attack is thus to use 
the difference in the current consumption profile of an 
instruction depending on whether it is manipulating a 
"1" or a "0" and the possibility of calculating a 
target bit by the instructions of the algorithm from a 
known input or output message and a hypothesis on the 
corresponding sub-key. 

The principle of the DPA attack is therefore to 
test a given sub-key hypothesis by applying, to a large 
number of current measurement curves, each relating to 
an input message known to the attacker, a Boolean 
selection function, a function of the sub-key 
hypothesis, and defined for each curve by the value 
predicted for a target bit. 

Making a hypothesis on the sub-key concerned in 
fact gives the capability of predicting the value "0" 
or "1" which this target bit will take for a given 
input or output message. 
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There can then be applied, as a Boolean selection 
function, the value "0" or "1" predicted for the target 
bit for the considered sub-key hypothesis, in order to 
sort these curves into two bundles: a first bundle 
groups together the curves where the target bit was 
manipulated at "0" and a second bundle groups together 
the curves where the target bit was manipulated at "1" 
according to the sub-key hypothesis. By calculating 
the current consumption mean in each bundle, a mean 
consumption curve MO(t) for the first bundle and a mean 
consumption curve Ml(t) for the second bundle are 
obtained. 

If the sub-key hypothesis is correct, the first 
bundle actually groups together all the curves among 
the N curves where the target bit was manipulated at 
"0" and the second bundle actually groups together all 
the curves among the N curves where the target bit was 
manipulated at "1". The mean consumption curve MO (t) 
of the first bundle will then have a mean consiomption 
everywhere except at the moments at which the critical 
instructions are executed, with a current consumption 
profile characteristic of manipulation of the target 
bit at ^''0" (profileo) . In other words, for all these 
curves, all the manipulated bits had as many chances of 
having the value "0" as having the value "1", except 
the target bit which always had the value "0". This 
can be written: 



MO(t) = [(profileo + prof ilei) /2 ] t^ci + [prof ileo] tci that is 
MO(t) = [Vmtlt^tci + [profileoJtci 
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where tci represents the critical instants, at 
which a critical instruction was executed. 

Similarly, the mean consumption curve Ml(t) of 
the second bundle corresponds to a mean consumption 
everywhere except at the moments at which the critical 
instructions are executed, with a current consumption 
profile characteristic of manipulation of the target 
bit at "1" (profilei) . The following can be written: 

Ml(t) = [(profileo + prof ilei) /2 ] t^ci + [prof ilei] tci that is 
Ml(t) = [Vmtltrtci + [profilei] tci 

It has been seen that the two profiles profileo 
and profilei are not equal. The difference in the 
curves MO(t) and Ml{t) then gives a signal DPA(t), the 
amplitude of which is equal to profileo - profilei at 
the critical instants tci at which the critical 
instructions manipulating this bit are executed, that 
is to say, in the example depicted in Figure 1, at the 
locations tcO to tc6, and the amplitude of which is 
approximately equal to zero apart from the critical 
instants . 

If the sub-key hypothesis is false, the sort does 
not correspond to reality. Statistically, there are 
then, in each bundle, as many curves where the target 
bit was actually manipulated at "0" as curves where the 
target bit was manipulated at "1". The resultant mean 
curve MO(t) is then situated around a mean value given 
by (profileo + profilei) /2 = Vm, since, for each of the 
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curves^ all the bits manipulated, including the target 
bit, have as many chances of having the value "0" as 
having the value "1". 

The same reasoning on the second bundle leads to 
a mean current consumption curve Ml (t) , the amplitude 
of which is situated around a mean value given by 
(profileo + profilei) /2 = Vm. 

The signal DPA(t) supplied by the difference 
MO(t)-Ml(t) is in this case substantially equal to 
zero. The signal DPA(t) in the case of a false sub-key 
hypothesis is depicted in Figure 2 . 

Thus, the DPA attack exploits the difference in 
the current consumption profile during execution of an 
instruction according to the value of the manipulated 
bit, in order to carry out a current consumption curve 
sort according to a Boolean selection function for a 
given sub-key hypothesis. By carrying out a 

differential analysis of the mean current consumption 
between the two bundles of curves obtained, an 
information signal DPA(t) is obtained. 

Overall, the steps in a DPA attack then consist 

in : 

a - taking N random messages (for example N equal 
to 1000) ; 

b - making the card execute the algorithm for 
each of the N random messages, plotting the current 
consumption curve each time (measured on the power 
supply terminal of the component) ; 

c - making a hypothesis on a sub-key; 
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Figure 2) . It is necessary to return to step c - and 
make a new hypothesis on the sub-key. 

If the hypothesis proves to be correct, the 
procedure can move to the evaluation of other sub-keys, 
until the key has been reconstructed as much as 
possible. For example, with a DBS algorithm, use is 
made of a key of 64 bits, only 56 of which are useful. 
With a DPA attack, it is possible to reconstruct at 
least 48 bits of the 56 useful bits. 

Two documents relating to the technological 
background are cited below. These are the documents 
NAKAO Y ET AL : "THE SECURITY OF AN RDES CRYPTOSYSTEM 
AGAINST LINEAR CRYPTANALYSIS" , lEICE TRANSACTIONS ON 
FUNDAMENTALS OF ELECTRONICS, COMMUNICATIONS AND 
COMPUTER SCIENCES, JP, INSTITUTE OF ELECTRONICS 
INFORMATION AND COMM. ENG. TOKYO, vol. E7 9-A, no. 1, 
page 12-19 XP000558714 ISSN: 0916-8508, denoted Dl and 
WO 00 27068, denoted D2 . 

The document Dl relates to a cryptosystem using 
the DES in order to be made secure. 

The document D2 relates to an electronic 
component implementing a secret key algorithm; the 
implementation of this algorithm comprises the use of 
first means from an input data item (E) in order to 
supply an output data item. 

The aim of the present invention is to implement, 
in an electronic component, a countermeasure method 
against attacks by differential analysis which brings 
about a null signal DPA(t), even where the sub-key 
hypothesis is correct. 



In this way, nothing allows the correct sub-key 
hypothesis case to be distinguished from the false sub- 
key hypothesis cases. By means of this countermeasure, 
the electronic component is guarded against DPA 
attacks . 

It is known through the French patent application 
FR 2 785 477 published on 5 May 2000, by the GEMPLUS 
company, the content of which in its entirety forms an 
integral part of the present application, that it is 
not sufficient to arrange that the signal DPA(t) is 
null in relation to a given target bit. 

This is because, if the value taken by a number 
of target bits of the same data item manipulated by the 
critical instructions is considered, the curves will 
have to be sorted, no longer into two bundles, but into 
a number of bundles . It is no longer a binary 
selection function. It can be shown that, by next 
grouping together these bundles in one way or another, 
a signal DPA(t) can be obtained which is non-null in 
the case of a correct sub-key hypothesis, whereas it 
would have been null if a sort had been performed 
according to a binary selection function on a single 
target bit. 

Let, for example, two target bits of the same 
data item be taken. These two target bits can take the 
following 2^ values: "'00", "01", "10" and "11". 

By applying the selection function to the N=1000 
measured current consumption curves, four bundles of 
curves are obtained. If the sort is correct, a first 
bundle of around 250 curves corresponds to the value 
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''''00", a second bundle of around 250 curves corresponds 
to the value "01", a third bundle of around 250 curves 
corresponds to the value "10" and a fourth bundle of 
around 250 curves corresponds to the value "11". 

If the first and fourth bundles are grouped 
together in a first group and the second and third 
bundles are grouped together in a second group, two 
groups which are not equivalent are obtained. 

In the first group, the two bits have as many- 
chances of having the value "00" as having the value 
"11". The mean value at the critical instants of all 
the consumption curves in this group can be written: 

Ml (tci) = [consumption ("00") + consumption ("11") ] /2 

In the second group, the two bits have as many 
chances of having the value "01" as having the value 
"10". The mean value at the critical instants of all 
the consumption curves in this group can be written: 

M2 (tci) = [consumption ("01") + consumption ("10") ] /2 

If the difference between these two means is 
calculated, a non-null signal DPA(t) is obtained. In 
other words, the two groups whose mean consumptions are 
being compared do not have an equivalent content. 

In the aforementioned French patent application, 
an attempt has been made to prevent any significant 
signal in the DPA attack sense being obtained. 
Whatever the number of target bits taken, whatever the 
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coinbination of bundles made for comparing the mean 
consumptions, the signal DPA(t) will always be null. 
For this, it is necessary to obtain equivalent bundles, 
whatever the number of target bits considered. 

The aforementioned French patent application, as 
a solution to these various technical problems, 
proposes the use of a random value in an EXCLUSIVE OR 
operation with at least some output data from 
calculation means used in the algorithm. 

With the use of such a random value, the data 
manipulated by the critical instructions become 
unpredictable while having a correct result at the 
output of the algorithm. 

In the invention, however, it was ascertained 
that attacks could still be carried out successfully at 
well-determined locations in the algorithm execution, 
notably at the input and output of the algorithm. 

The object of the present invention is a 
countermeasure method in which these attacks are also 
made impossible. According to the invention, a second 
random value is used, applied to the input parameters 
of the cryptographic algorithm, in an EXCLUSIVE OR 
operation. This second random value propagates through 
the whole algorithm, so that the data which were not 
protected by the first random value are protected by 
the second. 

Thus, according to the invention, depending on 
the location in the algorithm, the data are protected 
either by the first random value, or by the second, or 
by a combination of these two random values . 
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As characterised, the invention therefore relates 
to a countermeasure method in an electronic component 
implementing a secret key cryptographic algorithm, the 
implementation of which comprises a numijer of 
successive calculation cycles in order to supply, from 
first input data applied to the first cycle, final data 
at the output of the last cycle allowing the production 
of an encrypted message, each calculation cycle using 
calculation means for supplying an output data item 
from an input data item, said calculation means 
comprising the application of a first random value (u) 
in order to obtain at the output an unpredictable data 
item, characterised in that the method comprises the 
use of means of applying a second random value to said 
first input data, according to an EXCLUSIVE OR 
operation . 

Other characteristics and advantages of the 
invention are detailed in the following description 
given as a guide and being in no way limitative and 
with reference to the accompanying drawings, in which: 

- Figures 1 and 2, already described, depict the 
signal DPA(t) which can be obtained in accordance with 
a hypothesis on a sub-key of the secret key K, 
according to a DPA attack; 

- Figures 3 and 4 are detailed flow diagrams of 
the first and last cycles of the DES algorithm, 
according to the state of the art; 

- Figure 5 is a block diagram of the operation 
SBOX used in the DES algorithm as presented in Figures 
3 and 4 ; 
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- Figure 6 shows an example elementary constants 
table with one input and one output used in the 
operation SBOX depicted in Figure 5; 

Figures 7 and 8 depict respectively an 
execution flow diagram of the DES and a detailed flow 
diagram of the first cycles, corresponding to an 
example application of the countermeasure method 
according to the state of the art; 

- Figure 9 depicts an execution flow diagram of 
the DES according to the invention; and 

- Figure 10 depicts a simplified block diagram of 
a smart card having an electronic component in which 
the countermeasure method according to the invention is 
implemented. 

For a good understanding of the invention, the 
normal DES secret key cryptographic algorithm, with no 
countermeasure method, will first be described. This 
DES algorithm has 16 calculation cycles, denoted Tl to 
T16, as depicted in Figures 3 and 4. 

The DES starts with an initial permutation IP on 
the input message M (Figure 3) . The input message M is 
a 64-bit word f. After permutation, a 64-bit word e is 
obtained, which is cut into two in order to form the 
input parameters LO and RO of the first cycle (Tl) . LO 
is a 32-bit word d containing the most significant 32 
bits of the word e. RO is a 32-bit word h containing 
the least significant 32 bits of the word e. 

The secret key K, which is a 64-bit word q, 
itself undergoes a permutation and a compression in 
order to supply a 56-bit word r. 
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The first cycle comprises an operation EXP PERM 
on the parameter RO, consisting of an expansion and a 
permutation, in order to supply at the output a 48-bit 
word 1. 

This word 1 is combined with a parameter Kl, in 
an EXCLUSIVE OR type operation denoted XOR, in order to 
supply a 48-bit word b. The parameter Kl, which is a 
48-bit word m, is obtained from the word r by a shift 
of one position (the operation denoted SHIFT in Figures 
3 and 4) followed by a permutation and a compression 
(the operation denoted COMP PERM) . 

The word b is applied to an operation denoted 
SBOX, at the output of which a 32-bit word a is 
obtained. This particular operation will be explained 
in more detail in connection with Figures 5 and 6. 

The word a undergoes a permutation P PERM, giving 
at the output the 32-bit word c. 

This word c is combined with the input parameter 
LO of the first cycle Tl, in an EXCLUSIVE OR type 
logical operation, denoted XOR, which supplies at the 
output the 32-bit word g. 

The word h (= RO) of the first cycle supplies the 
input parameter LI of the next cycle (T2) and the word 
g of the first cycle supplies the input parameter Rl of 
the next cycle. The word p of the first cycle supplies 
the input r of the next cycle. 

The other cycles T2 to T16 progress in a similar 
manner, except as regards the shift operation SHIFT 
which is carried out over one or two positions 
depending on the cycles considered. 
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Each cycle Ti thus receives at the input the 
parameters Li-1, Ri-1 and r and supplies at the output 
the parameters Li and Ri and r for the next cycle Ti+1. 

At the end of the DES algorithm (Figure 4), the 
encrypted message is calculated from the parameters L16 
and R16 supplied by the last cycle T16. 

This calculation of the encrypted message C in 
practice comprises the following operations: 

- formation of a 64-bit word e' by reversing the 
position of the words L16 and R16, and then 
concatenating them; 

- application of the permutation IP"''", the inverse 
of that of the DES start, in order to obtain the 64-bit 
word f forming the encrypted message C. 

The operation SBOX is detailed in Figures 5 and 
6. It comprises a constants table TCo for supplying an 
output data item a as a function of an input data item 
b. 

In practice, this constants table TCq comes in the 
form of eight elementary constants tables TCqI to TCqS, 
each receiving at the input only 6 bits of the word b, 
for supplying at the output only 4 bits of the word a. 

Thus, the elementary constants table TCqI depicted 
in Figure 6 receives, as input data, the bits bl to b6 
of the word b and supplies, as output data, the bits al 
to a4 of the word a. 

In practice these eight elementary constants 
tables TCqI to TCqS are stored in the program memory of 
the electronic component. 
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In the operation SBOX of the first cycle Tl, a 
particular bit of the output data a of the constants 
table TCo depends on solely 6 bits of the data b applied 
at the input, that is to say on solely 6 bits of the 
secret key K and the input message (M) . 

In the operation SBOX of the last cycle T16, a 
particular bit of the output data a of the constants 
table TCo can be recalculated from solely 6 bits of the 
secret key K and the encrypted message (C) . 

However, going back to the principle of the DPA 
attack, if one or more bits of the output data a are 
chosen as target bits, it is sufficient to make a 
hypothesis on 6 bits of the key K in order to predict 
the value of the target bit or bits for a given input 
message (M) or output message (C) . In other words, for 
the DES, it is sufficient to make a hypothesis on a 6- 
bit sub-key. 

In a DPA attack on such an algorithm for a given 
set of target bits issuing from a given elementary 
constants table, a correct sub-key hypothesis has 
therefore to be distinguished from among 64 possible 
ones . 

Thus, from the output bits of the eight 
elementary constants tables TCqI to TCqS, up to 8 x 6 = 
48 bits of the secret key can be discovered, by 
carrying out DPA attacks on corresponding target bits. 

In the DES, critical instructions in the DPA 
attack sense are therefore found at the start of the 
algorithm and at the end. These instructions are 
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detailed in the French patent application FR 98 13605 
to which reference can usefully be made. 

And it emerges that all the data manipulated by 
critical instructions are an output data item or data 
derived from an output data item of a DES start and end 
SBOX operation. 

The countermeasure method described in the 
aforementioned French patent application applied to 
this DES algorithm consists of making each of the data 
items manipulated by the critical instructions 
unpredictable. Thus, whatever the target bit or bits 
used, the signal DPA(t) will always be null. This 
countermeasure method is applied to the DES start 
critical instructions and to the DES end critical 
instructions . 

By taking the SBOX operations as first 
calculation means for supplying an output data item S=a 
from an input data item E=b, the countermeasure method 
of the aforementioned French patent application applied 
to the DES algorithm consists of using other 
calculation means instead of the first, in order to 
make the output data item unpredictable, so that this 
output data item and/or derived data manipulated by the 
critical instructions are all unpredictable. 

These other means can comprise various means . 
They are calculated from the first means by applying an 
EXCLUSIVE OR with a random value u {or a derived random 
value) to one and/or the other of the input and output 
data of the first means. 
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The use of this random value u is such that the 
result at the output of the algorithm, that is to say, 
the encrypted message C, remains correct. 

Figures 7 and 8 depict an example application of 
this countermeasure method, which corresponds to Figure 
10 of the aforementioned French patent application. 

In a conventional execution of the DBS algorithm, 
it has been seen that each cycle comprises the use of 
first means TCq in an operation SBOX. 

In this example, and as depicted in Figure 7, 
other means are calculated by performing an EXCLUSIVE 
OR with a random value u on the output data of the 
first means TCq and by performing an EXCLUSIVE OR with a 
derived value e (p (u) ) on the input data of the first 
means TCq. Then an identical execution sequence SEQA is 
applied to each group, which consists in using these 
other calculated means . 

In this method, use is therefore made of a random 
value u which is a 32-bit data item. For example, a 
32-bit random value can be taken, or else a 4-bit 
random value can be taken and copied 8 times in order 
to obtain a 32-bit random value. 

The derived variable equal to e(p(u)) is then 
calculated, where p(u) corresponds to the result of the 
operation P PERM applied to the value u and where 
e(p(u)) is the result of the operation EXP PERM applied 
to the value p (u) . 

The other means used by this countermeasure 
method can then be calculated. 



18 



In the example depicted with reference to Figure 
1, these other means comprise second means TC2 and an 
additional EXCLUSIVE OR operation denoted CP. 

The second means TC2 are used in each of the 
cycles . 

They are calculated by applying an EXCLUSIVE OR 
with the derived random variable e(p(u)) to the input 
data E and applying an EXCLUSIVE OR with the random 
value u to the output data S of the first means TCq, 
which can be written: 

TC2 - (Eee(p(u) ) , S©u) . 

The additional EXCLUSIVE OR operation CP with the 
derived random variable e (p (u) ) makes it possible to 
obtain, at the input of the second means TC2, the data 
b®e(p(u)). This operation is denoted CP(e(p(u))) in 
Figures 7 and 8 . 

This additional EXCLUSIVE OR operation CP with 
the variable e(p(u)) can be placed in various locations 
in the first and last cycles, either between the 
operation EXP PERM and the operation XOR or between the 
operation XOR and the operation SBOX. It can be 
replaced by an additional EXCLUSIVE OR operation CP 
with the derived random variable p (u) , by placing this 
additional operation CP{p(u)) before the operation EXP 
PERM. l©e(p(u)) is obtained at the output, and this 
will therefore then give b©e (p (u) ) . 

In all these cases, the data b®e (p (u) ) is 
obtained at the input of the operation SBOX. 
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The calculation program then consists, at the 
start of execution of the algorithm, in taking a random 
value u, in the example a 4-bit value, of calculating 
the derived random variable e(p(u)), and then of 
calculating the various means used in the execution 
sequence SEQA, that is to say calculating the second 
means TC2 . 

At the output of each group, the correct result 
for the output parameters is obtained. Thus, the 
output parameters L4 and R4 of the first group Gl, L8 
and R8 of the second group G2, L12 and R12 of the third 
group G3, and L16 and R16 of the fourth group G4 are 
correct whatever the random variable taken. 

When all the cycles have been performed, the 
correct parameters L16 and R16 are obtained which will 
make it possible to calculate the correct encrypted 
message C. 

On the other hand, within the groups, certain 
intermediate results do not have the same values 
according to the sequence used, but values 
corresponding to the EXCLUSIVE OR operation with the 
random value u or with the derived random value 
e(p(u)), which makes it possible to obtain protection 
against DPA attacks. 

Figure 8 shows the detailed flow diagram of the 
four cycles Tl, T2, T3 and T4 of the first group Gl, in 
the sequence SEQA, which makes it possible to reveal 
the role of the second means TC2 used in each cycle. 
According to their definition: TC2 = E©e(p(u)), S©u; by 
applying at the input the randomly modified data 
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b®e(p(u)) by means of the additional operation CP, the 
randomly modified data a®u is obtained at the output. 
Taking this reasoning from the cycle Tl to the end of 
the cycle T4, and noting that p(u)©p(u)=0, the 
unmodified data L4, R4 are obtained at the output of 
the cycle T4 . 

With such a countermeasure method, taking of the 
random value u and calculation of the means used in the 
execution sequence SEQA must be provided at the DES 
start. These means, calculated at each execution of 
the DES, are stored, at execution time, in working 
memory, the first means TCq which are used for the 
calculation being themselves stored in program memory. 

This countermeasure method according to the state 
of the art, which therefore consists in general terms 
in applying a random value u at least to the output of 
the calculation means used in each cycle of the 
algorithm, leaves certain data in clear. In Figures 7 
and 8 it can be seen that the input data, LO, RO, and 
following them the data h, 1 and b of the first cycle, 
are used in clear. 

Similarly, the data R3, L4, R4 , R7, L8, R8, Rll, 
L12, R12, R15, L16 and R16 are used in clear. 

In general terms, whatever the mode of 
application of the countermeasure method of the state 
of the art which has just been described, at least the 
input data LO and RO and output data L16 and R16 are 
used in clear in the algorithm. Other intermediate 
data may be so, as in the case described previously, 
which depend more particularly on the considered mode 
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of application of the countermeasure method of the 
state of the art, of which Figures 7 and 8 show only 
one of the example applications. 

In practice, attacks can therefore still be 
carried out on the algorithm, based on these data used 
in clear. 

The present invention therefore proposes an 
improvement to the aforementioned countermeasure 
method, which makes it possible to make all the data 
used in the algorithm unpredictable, by means of either 
the first random value u, or a second random value 
denoted v, or a combination of the two. 

An example implementation of this method is 
depicted in Figure 9. 

According to the invention, a second random value 
denoted v is used, applied to the input data LO and RO, 
by means of an EXCLUSIVE OR operation. 

Thus, the input data actually used in the 
calculation of the algorithm are unpredictable data 
equal to LO®v and RO©v. 

This second random value propagates through each 
of the cycles of the algorithm. At the output of the 
sixteenth cycle T16, the unpredictable data equal to 
L16®v and R16®v are therefore obtained as output data. 

In order to rediscover the true output data LI 6 
and R16 which will make it possible to obtain the 
encrypted message C, an EXCLUSIVE OR operation with the 
second random value v is applied to each of these data 
items LieSv and R16®v. 
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The use of the two random values u and v in 
combination makes it possible to obtain an improved 
countermeasure method, making the DES algorithm which 
implements it impervious to attack. 

Figure 9 shows the detail of a practical example 
implementation of a countermeasure method according to 
the invention. 

If the first cycle Tl is taken, there are at the 
input the data items LO©v and RO©v to which the 
operations EXP PERM and XOR (with the key Kl) are 
applied successively. The data at the input of the 
next operation SBOX is therefore the data b®v. 

The calculation means TCm associated with this 
operation SBOX consist, as in the countermeasure method 
of the state of the art, of a constants table deduced 
from the original constants table TCq of the DES 
algorithm. 

Denoting this original constants table TCq = (E, 
S) as seen in connection with Figure 6, the new 
calculation means TCm are calculated as follows: 

TCm = (E©e (v) , S©u) . 

In this way, the second random value v applied to 
the data at the input of each cycle is taken into 
account, and benefit is still obtained from the first 
random value, u, according to the method of the state 
of the art, at the output of the operation SBOX. 

Thus, at the output of the operation SBOX using 
the calculation means TCm, the data a©p{u) is obtained. 
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to which the operation P PERM is applied, giving the 
data c®p (u) . 

The following XOR operation with the input data 
LO©v supplies at the output the data g®p(u)©v. 

It should be noted that, in the state of the art 
described (Fig. 8), at this stage the data g®p(u) used 
at the input of the second cycle T2 was obtained. 

With the method according to the invention, the 
other input of the second cycle is the data Ll©v = 
RO®v, as shown in Figure 9. 

The second random value v therefore propagates 
through all the cycles of the algorithm. 

If the random value u is not eliminated from the 
output data of the first cycle (Rl© (v) ©p (u) ) , it is 
necessary to make provision for the use of other 
calculation means TCm' in the second cycle T2, defined 
by TCm' = E©e ( v) ®e (p (u) ) , S®u . 

This implementation of the invention is not of 
great interest, since it necessitates the calculation 
of two new constants tables TCm and TCm' , the random 
value u being applied in the table TCm' , not only to the 
output, but also to the input. 

Also, according to the invention, and as depicted 
in Figure 9, in order to facilitate the use of the two 
random variables u and v by reducing the calculations 
necessary for its implementation and in order to repeat 
the same operations in each cycle, an additional 
EXCLUSIVE OR operation denoted CP(p(u)) is provided at 
the end of each cycle, so as to eliminate the value 



24 



p(u) at the input of each new cycle. Thus, at the 
input of the second cycle Tl, the data Rl©v = 
(g®p (u) ev) ®p (u) is obtained, that is 
Rl©v = g®v. 

Each cycle then follows the previous one, 
executing the same sequence of calculation operations, 
so that, at the output of the sixteenth cycle, Ll6®v 
and R16©v are obtained as output data. By applying an 
EXCLUSIVE OR operation with the second random, value v 
to each of these two data items, the data L16 and R16 
are obtained which allow the encrypted message C to be 
produced. 

By applying the countermeasure method according 
to the invention which combines the use of a first 
random value u in calculation means provided in each 
cycle and the use of a second random value applied at 
the input, before the execution of the first cycle, all 
the data used in the algorithm are made unpredictable. 
Depending on the location in the algorithm, the 
countermeasure protection according to the invention is 
provided either by the first random value u, or by the 
second random value v, or by a combination of these two 
values . 

In practice, and in the example application 
depicted in Figure 9, before executing the DES 
algorithm proper, it is necessary to execute the 
following operations: 

- taking of the random values u and v 

- calculation of p (u) for the operation CP{p(u)) 
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- calculation of e (v) 

- calculation of TCm = E©e (v) , S©u. 

The random value v is a data item having the same 
number of bits as the data items LO and RO, that is 32 
bits in the example. In this method, use is therefore 
made of a random value v which is a 32-bit data item. 
For example, a 32-bit random value can be taken, or 
else a 4-bit random value can be taken and copied 8 
times in order to obtain a 32-bit random value (as for 
the random value u) . 

Other example applications can be envisaged, in 
which notably it can be provided that the cycles are 
not identical. All these variants which use the two 
random values according to the general principle 
explained are within the scope of the invention. 

An electronic component 1 implementing a 
countermeasure method according to the invention in a 
DES secret key cryptographic algorithm comprises 
typically, as depicted in Figure 10, a microprocessor 
mP, a program memory 2 and a working memory 3. The 
various calculation means TCq and TCm are, in practice, 
constants tables stored respectively in program memory 
1 and in working memory 3. In order to be able to 
manage the use of these calculation means, means 4 of 
generating a random value are provided which, if 
reference is made to the flow diagrams of Figures 7 and 
11, will supply the random values u and v at each 
execution of the DES. Such a component can most 
particularly be used in a smart card 5, in order to 
improve its inviolability. 
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CLAIMS 

1. A count ermeasure method against attacks by 
differential analysis in an electronic component 
implementing a secret key (K) cryptographic algorithm, 
the implementation of which comprises a number of 
successive calculation cycles (Tl, . . . T16) in order to 
supply, from first input data (LO, RO ) applied to the 
first cycle (Tl) , final data (L16, R16) at the output 
of the last cycle (T16) allowing the production of an 
encrypted message (C) , each calculation cycle using 
calculation means (TC) for supplying an output data 
item (S) from an input data item (E) , said calculation 
means comprising the application of a first random 
value (u) to the input data item (E) and to the output 
data item (S) in order to obtain at the output an 
unpredictable data item (S®u) , characterised in that 
the method comprises the use of means of applying a 
second random value (v) to said first input data (LO, 
RO) , according to an EXCLUSIVE OR operation. 

2. A countermeasure method according to Claim 1, 
characterised in that it also comprises the use of 
means of applying the second random value (v) to the 
final data supplied by the last cycle (TI6) , according 
to an EXCLUSIVE OR operation. 

3. A countermeasure method according to either 
one of the previous claims, characterised in that it 
comprises, at the end of each cycle, the execution of 
an additional operation (CP(p(u))) in order to 
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eliminate said first random value (u) at the output of 
each cycle. 

4 . A countermeasure method according to any one 
of the previous claims, characterised in that it 
comprises the taking of first and second random values 
(u, v) and calculation of the calculation means (TCm) 
used in each cycle for each new execution of the 
algorithm. 

5. A method according to Claim 4, characterised 
in that said calculation means (TCm) are calculated from 
first calculation means (TCq) defining, for input data 
(E) , corresponding output data (S) , by applying the 
second random value (v) to said input data (E®e (v) ) and 
applying the first random value (u) at least to said 
output data (S©u) of the first calculation means. 

6. A countermeasure method according to Claim 5, 
characterised in that the calculation means (TCq, TCm) 
are constants tables. 

7. An electronic security component implementing 
the countermeasure method against attacks by 
differential analysis comprising a secret key (K) 
cryptographic algorithm, the implementation of which 
comprises a number of successive calculation cycles 
{Tl, . . . T16) in order to supply, from first input data 
(LO, RO) applied to the first cycle (Tl) , final data 
(L16, R16) at the output of the last cycle (T16) 
allowing the production of an encrypted message (C) , 
each calculation cycle using calculation means (TC) for 
supplying an output data item (S) from an input data 
item (E) , said calculation means comprising the 
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application of a first random value (u) to the input 
data item (E) and to the output data item (S) in order 
to obtain at the output an unpredictable data item 
(S®u) , characterised in that first calculation means 
(TCo) are fixed in program memory (1) of said component, 
calculation means (TCm) used in each cycle being 
calculated at each new execution of the algorithm and 
stored in working memory (3), and in that it comprises 
means (4) of generating first and second random values 
(u, v) for calculating said calculation means (TCm) • 

8. A smart card comprising an electronic 

security component according to Claim 7 . 
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Application(s) designating the United States of America that is/are listed below and, insofar as the subject matter of each of the 
claims of this application is not disclosed in that/those prior application(s) in the manner provided by the first paragraph of Title 
35, United States Code, § 112, 1 acknowledge the duty to disclose to the U.S. Patent and Trademark Office all information known 
to me to be material to the patentability as defined in Tide 37, Code of Federal Regulations § 1.56, which became available 
between the filing date of the prior application(s) and the national or international filing date of this application: 



PRIOR U.S. APPLICATIONS OR INTERNATIONAL (PCT) APPLICATIONS DESIGNATING THE U.S. FOR BENEFIT UNDER 35 U.S.C. § 120: 



U.S. APPLICATIONS 


STATUS (check one) 


U.S. APPLICATION NUMBER 


U.S. FILING DATE 






ABANDONED 






□ 


□ 


□ 






















PCT APPLICATIONS DESIGNATING THE U.S. 








PCT APPLICATION NO. 


PCT FILING DATE 


U.S. APPLICATION 
NUMBERS ASSIGNED (if any) 








PCT/FROO/00283 


February 07, 2000 










, _.- 

























I teeby appoint the following attorneys and agent(s) to prosecute said application and to transact all business in the U.S. Patent and 
T^|emark Office connected therewith and to file, prosecute and to transact all business in connection with international applications 
dij^^ted to said invention: 



Mlliam L. Mathis 


17,337 


R. Danny Huntington 


27,903 


Ri^bertS. Swecker 


19,885 


Eric H. Weisblatt 


30,505 


i'&ton N. Mandros 


22,124 


James W. Peterson 


26,057 


Penton S. Duffett, Jr. 


22,030 


Teresa Stanek Rea 


30,427 


^feiman H. Stepno 


22,716 


Robert E. Krebs 


25,885 


Ronald L. Gnidziecki 


24,970 


William C. Rowland 


30,888 


Isrederick G. Michaud, Jr. 


26,003 


T. Gene Dillahunty 


25,423 


PUan E. Kopecki 


25,813 


Patrick C. Keane 


32,858 


Regis E. Stutter 


26,999 


B. Jefferson Boggs, Jr. 


32,344 


Samuel C. Miller, III 


27,360 


William H.Benz 


25,952 


Robert G. Mukai 


28,531 


Peter K. Skiff 


31,917 


George A. Hovanec, Jr. 


28,223 


Richard J. McGrath 


29,195 


James A. LaBarre 


28,632 


Matthew L. Schneider 


32,814 


E. Joseph Gess 


28,510 


Michael G. Savage 


32,596 



Gerald F. Swiss 


30,113 


Charles F. Wieland III 


33,096 


Bruce T. Wieder 


33,815 


Todd R. Walters 


34,040 


Ronni S. Jillions 


31,979 


Harold R. Brown III 


36,341 


Allen R. Baum 


36,086 


Steven M. duBois 


35,023 


Brian P. O'Shaughnessy 


32,747 


Kenneth B. Leffler 


36,075 


Fred W. Hathaway 


32,236 



21839 



and: 

Address all correspondence to: James A. LaBarre 

Burns, Doane, Swecker & Mathis, L.L.P. 
P.O. Box 1404 



Address all telephone calls to: James A. 




I hereby declare that all statements made herein of my own knowledge are true and that all statements made on information and 
belief are believed to be true; and fiirther that these statements were made with the knowledge that willful false statements and the 
like so made are punishable by fine or imprisonment, or both, under Section 1001 of Title 18 of the United States Code and that 
such willful false statements may jeopardize the validity of the appHcation or any patent issued thereon. 
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)TOLL NAME OF SOLE OR FIRST INVENTOR 1 

BENOLT OLIVIER 1 


SIGNATURE 


-_ 1 DATE 




RESIDENCE (CITY & STATE/COUNTRY) f^l£ 

LaTreille d'Azur. Batiment D. 13400 AUBAGNE / FRANCE^ l\ 




CITIZENSHIP 
FRANCE 


POST OFFICE ADDRESS (HOME ADDRESS) ' 

UTreille D'Azur. Batiment D, 13400 AUBAGNE / FRANCE 




FULL NAME OF SECOND JOINT INVENTOR, IF ANY | 


SIGNATURE 


1 DATE 




RESIDENCE (CITY & STATE/COUNTRY) 


CITIZENSHIP 


POST OFFICE ADDRESS (HOME ADDRESS 


FULL NAME OF TH IRD JOINT INVENTOR. IF ANY | 


SIGNATURE 


1 DATE 




RESIDENCE (CITY & STATE/COtJNTRY) 


CITIZENSHIP 


POST OFFICE ADDRESS (HOME address 


FULL NAME OF FOURTH JOINT INVENTOR, IF ANY | 


SIGNATURE 


1 DATE 




RESDENCE (crrY & state/country) 






CITIZENSHIP 




POST OFFICE ADDRESS (HOME ADDRESS 


FULL NAME OF FIFTH JOINT EvTVENTOR, IF ANY | 


SIGNATURE 


j DATE 




RESIDENCE (CITY & STATE/COl^fTRY) 






CITIZENSHIP 




POST OFHCE ADDRESS (HOME ADDRESS 


FliLL NAME OF SIXTH JOINT INVENTOR, IF ANY | 


SIGNATURE 


1 DATE 




RfSHDENCE (CITY & STATE/COUNTRY) 






CITIZENSHIP 




POST OFFICE ADDRESS (HOME ADDRESS 


FUEL NAME OF SEVENTH JOINT INVENTOR, IF ANY | 


SIGNATURE 


1 DATE 




RESIDENCE (CITY & STATE/COIMTRY) 


crrizENSHip 


POST OFFICE ADDRESS (HOME ADDRESS 


FULL NAME OF EIGHTH JOINT INVENTOR, IF ANY | 


SIGNATURE 


1 DATE 




RESIDENCE (CITY & STATE/COUNTRY) 






CITIZENSHIP 




POST OmCE ADDRESS (HOME ADDRESS 


FULL NAME OF NINTH JOINT INVENTOR, IF ANY j 


SIGNATURE 


1 DATE 




RESIDENCE (CITY & STATE/COUNTRY) 






CITIZENSHIP 




POST OFFICE ADDRESS (HOME ADDRESS) 


FULL NAME OF TENTH JOINT INVENTOR, IF ANY | 


SIGNATURE 


1 DATE 




RESIDENCE (CITY & STATE/COUNTRY) 






CITIZENSHIP 




POST OFFICE ADDRESS (HOME ADDRESS 
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